security considerations regarding upload to server from another website

Forum Moderators: coopster

Message Too Old, No Replies

security considerations regarding upload to server from another website

darkage

5:44 pm on May 20, 2009 (gmt 0)

This is not really php related even though the programming language is PHP.

I allow my members to upload images to my website from their PC. A member has request a feature where he can upload his images from his website.

I find this feature to be very interesting as I see many of my members having their images already on other websites and by enabling this feature I can encourage them to use their images from my competitor sites on my site.

So looking away from the legal issues, what security concerns can there be in my server trying to do a HTTP GET on a URL the member provided ?

Of course I will be validating the following:
1. transport is http
2. the extension is .jpg
3. The file downloaded is not larger than X Megabytes
4. The file is a valid jpg image file

Thanks in advance

CyBerAliEn

9:05 pm on May 21, 2009 (gmt 0)

The security implications are the same: you are still putting a foreign file onto your file system!

The only difference, is that instead of the file coming directly from your user (file upload), it is now coming directly from a 3rd party web server.

Employ the same basic security guidelines to handle the file. The 4 things you mention are all good steps. Try Googling "PHP file upload security" for more specific concerns about uploading user files onto your system.

darkage

10:15 pm on May 21, 2009 (gmt 0)

I was thinking more in the lines of using my server to access external resources (like a proxy). I see it all the times with failed attempts in my access log

enigma1

10:18 am on May 26, 2009 (gmt 0)

what security concerns can there be in my server trying to do a HTTP GET on a URL the member provided ?

If I understand correctly this, member sets a link for an image that points to an external site. Now as your users browse pages on your site, some images may point to an external site (whatever was specified by the image links of your members correct?

If so then we have

your site:
www.example.com

external site:
site1.example.com

Link to the image:
site1.example.com/image/my_image.gif

Here are few things that can be done.
Once the image link is set to your site member changes the content of the image to some adult content only for some ips or only on a specific time of the day.

Another case is he can set an authorization script inside hist /image folder that rotates. Now some members of your site will see a popup dialog prompting them to enter their credentials. Just use your imagination possibilities are unlimited.

So make sure of at least 2 things.
1. Make sure they upload the image files to your server (no hot-linking)
2. Validate the images.

darkage

7:50 am on May 28, 2009 (gmt 0)

enigma1 > you misunderstood. The issue is not to link to an external URL but to download from the URL and store the image on my server.

tangor

7:56 am on May 28, 2009 (gmt 0)

darkage... are you vetting the images stored, or just taking them willy nilly? Freely admit I'm a bit of a control freak. I want to control what appears on my sites.

And when push comes to shove I want my users to send me the images direct rather than point to a third party (where's the audit trail in that!)?

enigma1

9:09 am on May 28, 2009 (gmt 0)

darkage, best to have the users upload the images, then you validate/authorize them before displaying. Or maybe you can have instructions to upload their images on another server which you trust (there are services online for this I believe) and then have your server to automatically download them and store them.

But if you have your server to automatically downloads them, stores them and then are accessible without validation is no different than the hot-linking problems mentioned above.